ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-18 20:47:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

System test passes

Browse Source
This commit is contained in:
lareine 2021-11-17 11:33:44 -05:00
parent f74c5f72e7
commit 979adfdae3
7 changed files with 74 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.ci/docker/Dockerfile.aca Normal file
View File

@ -0,0 +1,8 @@
FROM hirs/hirs-ci:centos7
# Install packages for installing HIRS ACA
RUN yum -y update && yum clean all
RUN yum install -y mariadb-server openssl tomcat java-1.8.0 rpmdevtools coreutils initscripts chkconfig sed grep firewalld policycoreutils && yum clean all
# Expose ACA Port
EXPOSE 8443

15
.ci/docker/Dockerfile.amazonlinux2 Normal file
View File

@ -0,0 +1,15 @@
FROM amazonlinux:2
# Install packages for building HIRS
RUN yum -y update && yum clean all
RUN yum groupinstall -y "Development Tools"
RUN yum install -y wget java-1.8.0-openjdk-devel protobuf-compiler rpm-build cmake make git gcc-c++ doxygen graphviz python3 libssh2-devel openssl protobuf-devel tpm2-tss-devel tpm2-abrmd-devel trousers-devel libcurl-devel
# Install EPEL
WORKDIR /tmp
RUN wget -O epel.rpm -nv https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
RUN yum install -y ./epel.rpm
RUN yum install -y cppcheck log4cplus-devel re2-devel
# Set Environment Variables
ENV JAVA_HOME /usr/lib/jvm/java

9
.ci/docker/Dockerfile.centos7 Normal file
View File

@ -0,0 +1,9 @@
FROM centos:7.5.1804
# Install packages for building HIRS
RUN yum -y update && yum clean all
RUN yum install -y java-1.8.0-openjdk-devel protobuf-compiler rpm-build epel-release cmake make git gcc-c++ doxygen graphviz python3 libssh2-devel openssl protobuf-devel tpm2-tss-devel tpm2-abrmd-devel trousers-devel libcurl-devel
RUN yum install -y cppcheck log4cplus-devel re2-devel
# Set Environment Variables
ENV JAVA_HOME /usr/lib/jvm/java

12
.ci/docker/Dockerfile.tpm2provisioner Normal file
View File

@ -0,0 +1,12 @@
FROM hirs/hirs-ci:centos7
# Install packages for installing HIRS TPM2 Provisioner
RUN yum -y update && yum clean all
RUN yum install -y tpm2-tools libcurl procps-ng wget dbus python-requests python2-future python36-future && yum clean all
# Install PACCOR for Device Info Gathering
RUN mkdir paccor && pushd paccor && wget https://github.com/nsacyber/paccor/releases/download/v1.1.4r2/paccor-1.1.4-2.noarch.rpm && yum -y install paccor-*.rpm && popd
# Install Software TPM for Provisioning
RUN mkdir ibmtpm && pushd ibmtpm && wget https://downloads.sourceforge.net/project/ibmswtpm2/ibmtpm1332.tar.gz && tar -zxvf ibmtpm1332.tar.gz && cd src && make -j5 && popd

15
.ci/docker/Dockerfile.tpmprovisioner Normal file
View File

@ -0,0 +1,15 @@
FROM hirs/hirs-ci:centos7
# Install packages for installing HIRS TPM Provisioner
RUN yum -y update && yum clean all
RUN yum install -y java-1.8.0-openjdk wget util-linux chkconfig sed systemd gmp-devel coreutils dmidecode bash autoconf autoconf-archive automake libtool pkgconfig m4 gcc-c++ openssl python-requests python2-future python36-future && yum clean all
# Install tpm_module for Communicating with TPM
RUN mkdir tpm_module && pushd tpm_module && wget https://github.com/nsacyber/HIRS/releases/download/v1.1.1/tpm_module-1.1.1-1574364941.0c2005.x86_64.rpm && yum -y install tpm_module-*.rpm && popd
# Install PACCOR for Device Info Gathering
RUN mkdir paccor && pushd paccor && wget https://github.com/nsacyber/paccor/releases/download/v1.1.4r2/paccor-1.1.4-2.noarch.rpm && yum -y install paccor-*.rpm && popd
# Install Software TPM for Provisioning
RUN mkdir tpm_emulator && pushd tpm_emulator && wget https://phoenixnap.dl.sourceforge.net/project/ibmswtpm/tpm4769tar.gz && tar -xzvf tpm4769tar.gz && pushd libtpm && ./autogen && ./configure && make && popd && pushd tpm && make -f makefile-tpm && popd && popd

13
.ci/docker/Dockerfile.ubuntu18 Normal file
View File

@ -0,0 +1,13 @@
FROM ubuntu:18.04
# Install packages for building HIRS
RUN apt-get update -y && apt-get upgrade -y && apt-get clean -y
RUN apt-get -y install autoconf autoconf-archive automake libtool pkg-config m4 openjdk-8-jdk protobuf-compiler build-essential devscripts lintian debhelper cmake make git g++ doxygen graphviz cppcheck liblog4cplus-dev libssl-dev libprotobuf-dev libre2-dev libsapi-dev trousers libtspi-dev libcurl4-openssl-dev
# Install Newer TPM2-TSS & TPM2-Abrmd from Source for Building HIRS_ProvisionerTPM2
RUN apt-get -y install wget libdbus-1-dev libglib2.0-dev
RUN mkdir tpm2tss && cd tpm2tss && wget https://github.com/tpm2-software/tpm2-tss/releases/download/1.3.0/tpm2-tss-1.3.0.tar.gz && tar -xzf tpm2-tss-1.3.0.tar.gz && cd tpm2-tss-1.3.0 && ./configure && make && make install && cd ../ && cd ../
RUN mkdir tpm2abrmd && cd tpm2abrmd && wget https://github.com/tpm2-software/tpm2-abrmd/releases/download/1.3.1/tpm2-abrmd-1.3.1.tar.gz && tar -xzf tpm2-abrmd-1.3.1.tar.gz && cd tpm2-abrmd-1.3.1 && ./configure && make && make install && cd ../ && cd ../
# Set Environment Variables
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64

4
.ci/system-tests/aca_policy_tests.sh
View File

@ -14,8 +14,8 @@ echo "ACA POLICY TEST 1: Test ACA default policy "
provision_tpm2 "pass"
echo "ACA POLICY TEST 2: Test EK cert Only Validation Policy without a EK Issuer Cert in the trust store"
setPolicyEkOnly
provision_tpm2 "pass"
setPolicyEkOnly
provision_tpm2 "fail"
echo "ACA POLICY TEST 3: Test EK Only Validation Policy"
uploadTrustedCerts